Small Businesses: Don’t Make These 7 Common Cybersecurity Mistakes

Written by Blogger

Guest Blog Post: Lance Cody-Valdez

Hackers are going after SMBs with a vengeance – 43 percent of all cyberattacks are directed toward these smaller companies, according to a Hacked report.  SMBs make for “soft” targets, as many don’t have basic cybersecurity safeguards in place and are uninformed when it comes to relevant best practices. To make matters worse, some make inadvertent mistakes that leave them extra vulnerable, and, consequently even easier pickings to hackers.

Below, Paraben Corporation covers 7 common cybersecurity mistakes you might be making and offers some suggestions for doing better:

Not taking cybersecurity seriously enough

Cybersecurity is often way down the priority list for businesses. The common sentiment is that cyber threats are not truly a serious problem and that attacks happen to other people, not them. The statistics don’t bear this out, unfortunately. Not only are hackers targeting smaller businesses, but the majority of hacked companies will go out of business in 6 months, making cyber threats a grave danger indeed. Essentially, cybersecurity is non-optional.

Not training employees

The leading cause of cyber breaches is human error.  Employees often make mistakes, without meaning to, such as leaving their credentials lying around or unconsciously clicking on a malicious link. Infosec shares some other interesting examples. Training them on cyber threats and setting up a company-wide “do’s and dont’s” policy can help plug this glaring security hole.

Not following networking best practices

Most hackers will enter your systems through the internet, remotely – hardware-based hacks are difficult to pull off and, consequently, rarer. As such, securing your network goes a long way toward keeping you safe. Unfortunately, again, this is something many companies fail to account for. Calyptix offers several network security recommendations – implementing zero trust, using NACs, controlling access, configuring logging, and safeguarding network management tools. 

Failing to password-protect files

Often, there’s a great deal of sensitive data in files, whether that’s customer-related information or the company’s intellectual property. These files aren’t always password-locked, meaning anyone can open and read them. Putting passwords on sensitive files is an excellent way to keep their data safe. That way, even if someone manages to snag them, they still won’t be able to open them.

You can use online tools to reliably password-protect files. For instance, you can use this digital tool to quickly sign and fill in a PDF form, you can use the tool’s password-protect feature to share it securely with approved recipients, without having to print or mail it in. Simply upload the file online to make changes, then (optionally) download it and share. 

Failing to patch software in time

Hackers frequently attempt to gain access to a company’s data through vulnerabilities in third-party apps being used for key tasks – such as a bookkeeping tool that takes care of their taxes. Developers frequently release software updates to patch known vulnerabilities. If your business doesn’t install the update in time, it may leave itself open to an attack.

Not working with reliable partners

Your business may have the best cybersecurity in town, but what happens if it outsources a work process to a company that has the poorest? What if you use a SaaS solution offered by a third party that doesn’t have its cybersecurity act together? It’s important that you choose reliable partners for your various needs, whether that’s specific to cybersecurity or anything else. Paraben Corporation provides cutting-edge solutions specializing in forensics, risk assessment, and security. 

Not having a disaster recovery plan

Even the best-protected companies get hacked. The fallout needs to be carefully managed and minimized to prevent permanent damage to the company’s operations and, perhaps more importantly, its reputation. For instance, if there’s no data backup in place and customer data is stolen, there may be no way to retrieve customer data. This could be disastrous to customers and, by extension, your business. A disaster recovery plan can help you quickly get back up and running again, with minimum loss to operations or reputation.


Hackers are getting more devious as well as technologically advanced as time goes by. You can best keep your company safe by ensuring you follow the latest recommendations from the experts for everything from using a computer to sharing information. And, of course, don’t make common mistakes! 

Forensic-Impact Articles

Different Android Flavors and Forensic Processing

Different Android Flavors and Forensic Processing

Android, developed by Google, is one of the most popular mobile operating systems worldwide, powering millions of devices. What you might not realize is that there are different tiers of Android OS that are available for millions of devices. We will explore the three...

Why is Triage a good step in Digital Forensics?

Why is Triage a good step in Digital Forensics?

Many people discount the value of triage. Investigators try to obtain all the data at once, which can be costly and unproductive. With the data gap gone between mobile and computer-related data, you can analyze terabytes now without breaking a sweat. Triage and...

Fall is full of new data in iOS 16 messages

Fall is full of new data in iOS 16 messages

With each fall we see changes in the smartphone world with new firmware updates that bring extra spice to the pumpkin spice season. This year was not an exception with iOS 16 showing lots of new data that will add to our digital investigations. iOS 16 held a lot of...